GitHub now requiring 2FA for all contributors,what authenticator apps you using?

15 points by nickcageinacage ↗ HN
GitHub is rolling out mandatory 2FA for accounts that contribute code, with a 45-day window to enroll.

Aegis, Raivo, or Ente are the ones that have most promise from what I've read. Any other recommendations? or thoughts on those three in particular.

TY

22 comments

[ 3.7 ms ] story [ 49.7 ms ] thread
That's been pending for a while, I'll just stop contributing code.
Using GitHub MFA via the app on my iPhone.
Google auth, first and the only 2FA authenticator I ever used.
Microsoft showing 2FA down everyone's throat is quite painful. I don't for a second believe they are only using my phone number for authentication. They are storing the data and they are correlating it with other apps they force 2FA on.
Authy but I’m considering moving to Apple Passwords so it’s all together.
on phone: 2FA Manager from OpenStore on UBports phone

on work laptop: 1PW

I only use google and Microsoft, it might be a good idea for me to look into this deeper for the future.
There has been a review of these apps some time ago. I know google/ms were worst and Aegis was on the top of the list(among few others whom i do not remember). I have been using Aegis for aeges :D
Honestly, the safest for me has always been the boring one: Microsoft authenticator
Aegis is a solid choice for local 2FA, especially if you're looking for something actively maintained that doesn't rely on cloud sync. Several comments like uyzstvqs and gethly point this out, and I've seen it perform well in practice. For the absolute highest security tiers, though, consider moving towards hardware keys. While it adds a bit more friction than an app, the security posture is far superior for critical accounts.
Google Authenticator. Surely I can look for something better but why to complicate things and spend time searching for better alternatives.
Yubikeys with fallback to Google authenticator.
Been using Aegis for a while now, the encrypted backup alone makes it worth it over Google Authenticator. losing access to everything because you switched phones once is enough to make you take backups seriously. Ente is worth a look if you want cloud sync without giving up control of your keys. haven't tried Raivo personally.